diff options
| author | Mattias Andrée <maandree@operamail.com> | 2013-11-22 11:03:34 +0100 |
|---|---|---|
| committer | Mattias Andrée <maandree@operamail.com> | 2013-11-22 11:03:34 +0100 |
| commit | 2b7dd9295829f479feb26b2462fb83a4c6ca30a6 (patch) | |
| tree | 87caa2e80efab060a107fdea3b1b4e17d1ce7d5d /src | |
| parent | add option to print * for each char (diff) | |
| download | libpassphrase-2b7dd9295829f479feb26b2462fb83a4c6ca30a6.tar.gz libpassphrase-2b7dd9295829f479feb26b2462fb83a4c6ca30a6.tar.bz2 libpassphrase-2b7dd9295829f479feb26b2462fb83a4c6ca30a6.tar.xz | |
do not use realloc by default, it is bad security
Signed-off-by: Mattias Andrée <maandree@operamail.com>
Diffstat (limited to 'src')
| -rw-r--r-- | src/passphrase.c | 23 |
1 files changed, 21 insertions, 2 deletions
diff --git a/src/passphrase.c b/src/passphrase.c index 94922e4..ae7ad36 100644 --- a/src/passphrase.c +++ b/src/passphrase.c @@ -78,8 +78,27 @@ char* passphrase_read(void) #endif *(rc + len++) = c; if (len == size) - if ((rc = realloc(rc, (size <<= 1L) * sizeof(char))) == NULL) - return NULL; + { +#ifndef PASSPHRASE_REALLOC + char* rc_2 = malloc((size <<= 1L) * sizeof(char)); + int i; + if (rc_2) + { + for (i = 0; i < len; i++) + *(rc_2 + i) = *(rc + i); + } + for (i = 0; i < len; i++) + *(rc + i) = 0; + free(rc); + if (rc_2 == NULL) + return rc_2; + rc = rc_2; +#else + rc = realloc(rc, (size <<= 1L) * sizeof(char)); + if (rc == NULL) + return NULL; +#endif + } } } |